The [pam] section contains tokens that UNAB uses to interact with the PAM module.
Defines whether the PAM module can print messages to the user screen during login.
Options: yes, no
Default: yes
Specifies the default file permissions that are assigned to the user home directory.
Values: 0-7
Default: 700
Example: 700—indicates that each user has read, write, and execute permissions to their home directories only.
Defines the PAM module behavior when the mapped user logs in with a local password.
Options: yes, no
Default: yes
Defines whether the pam_uxauth module deletes the Active Directory user credentials cache upon login completion.
Values: Yes (Delete the AD user credentials after login), no (The credentials cache is not changed)
Default: No
Defines the PAM module behavior if the login was denied due to enterprise or local policy settings or Active Directory account state.
Options: yes (The PAM module closes the sequence and prevents other PAM modules from authenticating the user), no (The PAM module does not close and enables other PAM modules to authenticate the user. The no value allows the login server to retry the PAM sequence call)
Default: yes
Specifies the time, in seconds, that the PAM module waits for the UNAB agent (uxauthd) to respond.
Limits: any positive integer.
Default: 10
Defines the minimal UID for the local storage to authenticate in the Active Directory.
Values: any positive number.
Default: 101
Copyright © 2013 CA Technologies.
All rights reserved.
|
|